240625 – MOOVPAD Apps – Data & Security

25 June 2024
Screenshot 2023-09-29 212851

Policies, Servers & Clients

We previously looked at the MOOVPAD Data Policies, where the general theme is centred on both minimising the user data collected and the time that data is stored on MOOVPAD servers. These policies will of course help reduce the risk of any potential data breach significantly impacting user safety and security online through the use of MOOVPAD apps.

There will also be times when users choose to sync their data across devices and services, and this will require further steps to protect their data. To this end, I will also be implementing a range of established best practices from industry standards. For now, I am simply learning what I need to learn, as the subject of security with modern apps is very involved and there are many systems/approaches on both the underlying OS level (e.g. Windows or Linux servers) as well as the software level (e.g. data server), in addition to the MOOVPAD apps themselves. I recently mentioned OWASP guidelines, and have been continuing my general research since and discovered important points for things like PostgreSQL, Kerberos authentication and DNS, and much more.

Screenshot 2024-01-07 221121
Screenshot 2024-06-13 201022

Eventually there may also be scope for research applications for the data. In addition to the standard best practices for ethical research (e.g. de-identification of records, etc) and the presentation of research proposals for ethics committee review as appropriate, this type of data use would require additional measures for security (e.g. minimising access even further).

So basically, lots of learning still to follow so that I at least understand the advice from the industry professionals that I plan to work with later. As opposed to my usual blank stares of "say whaaaaa" 🙂

Stay awesome,

EMH

HOW MOOVPAD IS BEING BUILT

MOOVPAD Dev Approach & Rationale

For the overview of how MOOVPAD apps are being developed, the reasoning behind particular decisions during development, policies, and more in relation to all the technical things, please see the link to the left.

This will be an ongoing work in progress, and will always be linked to the bottom of each upcoming Blog post.